Method for analysis of code-reuse attacks
https://doi.org/10.15514/ISPRAS-2018-30(5)-2
Abstract
About the Authors
A. V. Vishnyakov, Russian Federation
A. R. Nurmukhametov, Russian Federation
Sh. F. Kurmangaleev, Russian Federation
S. S. Gaisaryan, Russian Federation
References
1. Common Vulnerabilities and Exposures (CVE). Available at: https://cve.mitre.org, accessed 10.11.2008.
2. Vulnerability statistics (CVE) by year. Available at: https://www.cvedetails.com/browse-by-date.php, accessed 10.11.2008.
3. CWE-121: Stack-based Buffer Overflow. Available at: https://cwe.mitre.org/data/definitions/121.html, accessed 10.11.2008.
4. Shacham H. The Geometry of Innocent Flesh on the Bone: Return-into-libc Without Function Calls (on the x86). In Proc. of the 14th ACM Conference on Computer and Communications Security, CCS'07, 2007, pp. 552–561.
5. Schwartz E.J., Avgerinos T., Brumley D. Q: Exploit Hardening Made Easy. In Proc. of the 20th USENIX Conference on Security, SEC'11, 2011, p. 25.
6. Jager I., Brumley D. Efficient Directionless Weakest Preconditions. Technical Report CMU-CyLab-10-002, 2010.
7. Lu K., Zou D., Wen W., Gao D. deRop: Removing Return-oriented Programming from Malware. In Proc. of the 27th Annual Computer Security Applications Conference, ACSAC'11, 2011, pp. 363–372.
8. Graziano M., Balzarotti D., Zidouemba A. ROPMEMU: A Framework for the Analysis of Complex Code-Reuse Attacks. In Proc. of the 11th ACM Asia Conference on Computer and Communications Security, ASIA CCS'16, 2016, pp. 47–58.
9. Roemer R., Buchanan E., Shacham H., Savage S. Return-Oriented Programming: Systems, Languages, and Applications. ACM Transactions on Information and System Security, vol. 15, no. 1, 2012, pp. 2:1–2:34.
10. IDA Pro tool. Available at: https://www.hex-rays.com/products/ida/, accessed 10.11.2008.
11. Nethercote N., Seward J. How to Shadow Every Byte of Memory Used by a Program. In Proc. of the 3rd International Conference on Virtual Execution Environments, VEE'07, 2007, pp. 65–74.
12. Moser A., Kruegel C., Kirda E. Exploring Multiple Execution Paths for Malware Analysis. In Proc. of the 2007 IEEE Symposium on Security and Privacy, SP'07, 2007, pp. 231–245.
13. Vishnyakov A.V. Classification of ROP gadgets. Trudy ISP RAN/Proc. ISP RAS, vol. 28, issue 6, 2016, pp. 27–36 (in Russian). DOI: 10.15514/ISPRAS-2016-28(6)-2
14. VirtualProtect function (Windows). Available at: https://msdn.microsoft.com/en-us/library/windows/desktop/aa366898(v=vs.85).aspx.
15. The Linux man-pages project. Available at: https://www.kernel.org/doc/man-pages/.
16. API Monitor: Spy on API Calls and COM Interfaces. Available at: http://www.rohitab.com/apimonitor, accessed 10.11.2008.
17. Padaryan V.A., Soloviev M.A., Kononov A.I. Modeling operational semantics of machine instructions. Trudy ISP RAN/Proc. ISP RAS, vol. 19, 2010, pp. 165–186 (in Russian).
18. Metasploit Framework. Available at: https://github.com/rapid7/metasploit-framework, accessed 10.11.2008.
19. Exploit Database. Available at: https://www.exploit-db.com, accessed 10.11.2008.
20. snapshot.debian.org. Available at: http://snapshot.debian.org, accessed 10.11.2008.
For citations:
Vishnyakov A.V., Nurmukhametov A.R., Kurmangaleev Sh.F., Gaisaryan S.S. Method for analysis of code-reuse attacks. Proceedings of the Institute for System Programming of the RAS (Proceedings of ISP RAS). 2018;30(5):31-54. (In Russ.) https://doi.org/10.15514/ISPRAS-2018-30(5)-2